1. 07 Dec, 2013 1 commit
    • Damien Miller's avatar
      - markus@cvs.openbsd.org 2013/12/06 13:39:49 · 5be9d9e3
      Damien Miller authored
           [authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c]
           [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c]
           [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c]
           [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c]
           [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c]
           support ed25519 keys (hostkeys and user identities) using the public
           domain ed25519 reference code from SUPERCOP, see
           http://ed25519.cr.yp.to/software.html
           feedback, help & ok djm@
      5be9d9e3
  2. 25 Oct, 2013 1 commit
  3. 15 Oct, 2013 1 commit
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2013/10/14 22:22:05 · 194fd904
      Damien Miller authored
           [readconf.c readconf.h ssh-keysign.c ssh.c ssh_config.5]
           add a "Match" keyword to ssh_config that allows matching on hostname,
           user and result of arbitrary commands. "nice work" markus@
      194fd904
  4. 01 Jun, 2013 1 commit
    • Darren Tucker's avatar
      - djm@cvs.openbsd.org 2013/05/17 00:13:13 · a627d42e
      Darren Tucker authored
           [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
           ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
           gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
           auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
           servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
           auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
           sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
           kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
           kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
           monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
           ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
           sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
           ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
           dns.c packet.c readpass.c authfd.c moduli.c]
           bye, bye xfree(); ok markus@
      a627d42e
  5. 05 May, 2011 1 commit
    • Damien Miller's avatar
      - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac] · f22019bd
      Damien Miller authored
         [entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
         [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
         [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
         [regress/README.regress] Remove ssh-rand-helper and all its
         tentacles. PRNGd seeding has been rolled into entropy.c directly.
         Thanks to tim@ for testing on affected platforms.
      f22019bd
  6. 17 Feb, 2011 1 commit
  7. 10 Sep, 2010 1 commit
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2010/08/31 12:33:38 · 4314c2b5
      Damien Miller authored
           [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
           reintroduce commit from tedu@, which I pulled out for release
           engineering:
             OpenSSL_add_all_algorithms is the name of the function we have a
             man page for, so use that.  ok djm
      4314c2b5
  8. 31 Aug, 2010 2 commits
  9. 05 Aug, 2010 2 commits
  10. 13 Jan, 2010 1 commit
  11. 01 Sep, 2006 1 commit
    • Damien Miller's avatar
      - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c] · ded319cc
      Damien Miller authored
         [auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
         [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
         [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
         [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
         [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
         [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
         [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
         [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
         [sshconnect1.c sshconnect2.c sshd.c rc4.diff]
         [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
         [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
         [openbsd-compat/port-uw.c]
         Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
         compile problems reported by rac AT tenzing.org
      ded319cc
  12. 05 Aug, 2006 2 commits
    • Damien Miller's avatar
      - deraadt@cvs.openbsd.org 2006/08/03 03:34:42 · d7834353
      Damien Miller authored
           [OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
           [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
           [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
           [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
           [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
           [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
           [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
           [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
           [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
           [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
           [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
           [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
           [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
           [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
           [serverloop.c session.c session.h sftp-client.c sftp-common.c]
           [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
           [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
           [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
           [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
           [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
           [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
           almost entirely get rid of the culture of ".h files that include .h files"
           ok djm, sort of ok stevesk
           makes the pain stop in one easy step
           NB. portable commit contains everything *except* removing includes.h, as
           that will take a fair bit more work as we move headers that are required
           for portability workarounds to defines.h. (also, this step wasn't "easy")
      d7834353
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/26 13:57:17 · e7a1e5cf
      Damien Miller authored
           [authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
           [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
           [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
           [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
           [sshconnect1.c sshd.c xmalloc.c]
           move #include <stdlib.h> out of includes.h
      e7a1e5cf
  13. 24 Jul, 2006 3 commits
    • Damien Miller's avatar
      - (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c] · b8fe89c4
      Damien Miller authored
         [canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c]
         [gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c]
         [servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c]
         [ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c]
         [openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c]
         [openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c]
         [openbsd-compat/mktemp.c openbsd-compat/port-linux.c]
         [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
         [openbsd-compat/setproctitle.c openbsd-compat/xmmap.c]
         make the portable tree compile again - sprinkle unistd.h and string.h
         back in. Don't redefine __unused, as it turned out to be used in
         headers on Linux, and replace its use in auth-pam.c with ARGSUSED
      b8fe89c4
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/22 20:48:23 · e3476ed0
      Damien Miller authored
           [atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
           [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
           [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
           [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
           [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
           [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
           [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
           [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
           [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
           [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
           [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
           [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
           [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
           move #include <string.h> out of includes.h
      e3476ed0
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/17 01:31:10 · e6b3b610
      Damien Miller authored
           [authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c]
           [includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c]
           [readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c]
           [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c]
           [sshconnect.c sshlogin.c sshpty.c uidswap.c]
           move #include <unistd.h> out of includes.h
      e6b3b610
  14. 10 Jul, 2006 2 commits
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/09 15:15:11 · 57cf6385
      Damien Miller authored
           [auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c]
           [readpass.c scp.c serverloop.c sftp-client.c sftp-server.c]
           [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
           [sshlogin.c sshpty.c]
           move #include <fcntl.h> out of includes.h
      57cf6385
    • Damien Miller's avatar
      - stevesk@cvs.openbsd.org 2006/07/06 16:03:53 · 9f2abc47
      Damien Miller authored
           [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c]
           [auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c]
           [auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c]
           [monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c]
           [session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c]
           [ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c]
           [uidswap.h]
           move #include <pwd.h> out of includes.h; ok markus@
      9f2abc47
  15. 23 Apr, 2006 1 commit
  16. 26 Mar, 2006 1 commit
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2006/03/25 13:17:03 · 57c30117
      Damien Miller authored
           [atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
           [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
           [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
           [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
           [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
           [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
           [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
           [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
           [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
           [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
           [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
           [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
           [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
           [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
           [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
           [uidswap.c uuencode.c xmalloc.c]
           Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
           Theo nuked - our scripts to sync -portable need them in the files
      57c30117
  17. 25 Mar, 2006 1 commit
    • Damien Miller's avatar
      - deraadt@cvs.openbsd.org 2006/03/19 18:51:18 · b0fb6872
      Damien Miller authored
           [atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
           [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
           [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
           [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
           [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
           [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
           [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
           [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
           [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
           [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
           [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
           [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
           [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
           [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
           [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
           [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
           [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
           [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
           [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
           [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
           [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
           [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
           [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
           RCSID() can die
      b0fb6872
  18. 15 Mar, 2006 2 commits
  19. 03 Oct, 2005 1 commit
  20. 29 Aug, 2004 2 commits
  21. 15 Aug, 2004 1 commit
  22. 17 Jul, 2004 1 commit
  23. 20 Apr, 2004 1 commit
    • Damien Miller's avatar
      - djm@cvs.openbsd.org 2004/04/18 23:10:26 · 57a4476a
      Damien Miller authored
           [readconf.c readconf.h ssh-keysign.c ssh.c]
           perform strict ownership and modes checks for ~/.ssh/config files,
           as these can be used to execute arbitrary programs; ok markus@
           NB. ssh will now exit when it detects a config with poor permissions
      57a4476a
  24. 21 Jan, 2004 1 commit
  25. 17 Nov, 2003 1 commit
  26. 03 Jul, 2003 1 commit
  27. 18 May, 2003 1 commit
  28. 09 Apr, 2003 1 commit
  29. 15 Mar, 2003 1 commit
    • Damien Miller's avatar
      - (djm) OpenBSD CVS Sync · ed33d3b4
      Damien Miller authored
         - markus@cvs.openbsd.org 2003/03/13 11:42:19
           [authfile.c ssh-keysign.c]
           move RSA_blinding_on to generic key load method
      ed33d3b4
  30. 23 Dec, 2002 1 commit
  31. 09 Nov, 2002 1 commit
    • Ben Lindstrom's avatar
      - markus@cvs.openbsd.org 2002/11/07 22:08:07 · b6df73b0
      Ben Lindstrom authored
           [readconf.c readconf.h ssh-keysign.8 ssh-keysign.c]
           we cannot use HostbasedAuthentication for enabling ssh-keysign(8),
           because HostbasedAuthentication might be enabled based on the
           target host and ssh-keysign(8) does not know the remote hostname
           and not trust ssh(1) about the hostname, so we add a new option
           EnableSSHKeysign; ok djm@, report from zierke@informatik.uni-hamburg.de
      b6df73b0
  32. 04 Oct, 2002 1 commit